General
Target: GCQOFN.apk
Size: 2.0MB
Sample: 240505-ylxrqafc69
MD5: 91e7f991651aadb0bba46ee9385b46ae
SHA1: ea2e2434143f42a0f450e9b41e538a9cdd119937
SHA256: 28431e848e6560ad8fc37e3fdba704548af3977e8ec9c9b5cc877955455f993e
SHA512: 7a1a05ac4ba6d65588d0012df7be29df04a7e06763814133f21d275d00b8857a5cc356e694aaea7c63dc14f226d6e328008912156924e0ab65dea2a7c19d7af4
SSDEEP: 49152:Z73fx7xKnOWUTO4Kq3nfOAzvnc21zgeFTplk:NxxKnWvKUnrzv11zgOk
Behavioral task
behavioral1
Sample: GCQOFN.apk
Resource: android-33-x64-arm64-20240229-en
Malware Config
Targets
- Makes use of the framework's foreground persistence service: Application may abuse the framework's foreground service to continue running in the foreground.
- Requests enabling of the accessibility settings.
- Tries to add a device administrator.
- Acquires the wake lock
- Checks if the internet connection is available
- Legitimate hosting services abused for malware hosting/C2
- Requests disabling of battery optimizations (often used to enable hiding in the background).